Microsoft Tech Summit 2018, Amsterdam

I would like to say thank you to everybody who attended the Microsoft Tech Summit 2018, Amsterdam. It was an awesome setup and a great event with lots of great sessions.

It is always a pleasure and an honor to get the opportunity to speak at a Microsoft event. So, thank you for attending and for making speaking at the event a great experience!
The session and slide deck were originally presented at Microsoft Ignite 2017 [Link].

Throughout the presentation updated information and links was used. Unfortunately, I am not allowed to share the slide deck, however as promised during the session, please find notes and links below.

Microsoft Tech Summit 2018, Amsterdam, March 28 – March 29, 2018

Session name: What’s new in Windows 10 security? Raising the bar of security once again with the Fall Creators Update!
Session Code: BRK2037
Session room: E102
Session link: What-s-new-inWindows-10-security-Raising-the-bar-of-security

Notes from the field

  1. Get you Proof of Concept (PoC) started, enable Audit Mode for all solutions to start collecting insights
  2. Utilize a suitable solution for collecting Audit events from local event-logs e.g. using Windows Event Forwarding (WEF): https://blogs.technet.microsoft.com/jepayne/2015/11/23/monitoring-whatmatters-windows-event-forwarding-for-everyone-even-if-you-already-have-a-siem/
  3. STOP using Domain Admins accounts!
  4. Ensure to have local accounts protected, e.g. Administrator account by enabling random password solution, e.g. using Microsoft Local Administrator Solution (LAPS):
  5. Be prepared to respond to business complaints and be ready to remediate issues (have a “backup” plan)
  6. Start logging activity from your devices, see Security baseline for Windows 10 v1803 “Redstone 4” – DRAFT: https://blogs.technet.microsoft.com/secguide/2018/03/27/security-baseline-for-windows10-v1803-redstone-4-draft/
  7. Implement Security baseline for Office 2016 and Office 365 ProPlus apps – FINAL:
    https://blogs.technet.microsoft.com/secguide/2018/02/13/security-baseline-for-office-2016-andoffice-365-proplus-apps-final/
  8. Visit Windows Active Defense web site to start your test: https://demo.wd.microsoft.com/

–Jesper